Abstract—This paper investigates hardware cyber-security
risks associated with channel decoders, which are commonly
acquired as a black box in the semiconductor industry. It is
shown that channel decoders are potentially attractive targets
for hardware cyber-security attacks and can be easily embedded
with malicious blocks. Several attack scenarios are considered
in this work and suitable methods for mitigating the risks are
proposed. These methods are based on randomizing the inputs
of the channel decoder to obstruct the communications between
attackers and the malicious blocks, ideally without changing the
decoding performance.

Index Terms—Channel decoder, cyber-security, malicious
circuits, hardware Trojan, stochastic techniques.

I. Introduction 

Many companies that design cyber infrastructure,
communications devices, and integrated circuits (ICs) use
intellectual property (IP) elements developed by smaller and
highly specialized companies, often without knowing exactly if
the acquired IPs will do anything (possibly nefarious) beyond
what they are supposed to do. These acquisitions are well
justified financially and significantly reduce the cost associated
with developing new ICs and products. This is also a healthy
practice when different and unconventional specialties are
needed. Nevertheless, security should not be compromised and
special tools and design methodologies have to be developed to
prevent any malicious activity carried out by the cyber systems
that contain these ICs.

A malicious block (also called a hardware Trojan) in a
complex IC can be the result of an independent work of a few
people in a large design team in a trustworthy company, or it
can be hidden intentionally in an IP obtained in a supply chain
or a commercial-off-the-shelf (COTS) product, or it can be an
unintentional weakness or back-door that could be exploited
by attackers. The malicious block could have been added in
design, fabrication, packaging, testing, and assembling stages
and it is non-trivial to discover the introduced blocks.

There have been some attempts at establishing hardware
trustworthiness by screening the die's image to find any
modifications or additional transistors. This is not an easy
task, as the number of transistors is huge and dummy
transistors and blocks are often used for improving matching
and manufacturability. Furthermore, processing the image of a
die sandwiched in a 3-D packaging would be challenging.
Alternatively, generating test signals and characterizing a block
by its input/output relationship, or adding a signature, can only
work when the number of inputs and outputs is small. Even
restricting the purchases to a number of trustworthy providers
cannot fix the security issue, since, as mentioned earlier, a small
number of designers can always add a few gates without their
supervisor's permission or attention [5]-[8].

The fact that many big companies are hacked every year
indicates that security issues have to be dealt with more
rigorously. While most cyber-attacks target stealing confidential
or precious information, they often cannot harm the hardware,
though they may temporarily interrupt a service.
Hardware-oriented attacks pose different challenges and can
possibly cause permanent damage to devices and systems that we
rely on in our daily life, and the lack of which could jeopardize
people's safety and cause economic damage.

This paper focuses on developing a design for assurance
by mitigating trustworthiness risks associated with cyber
infrastructure hardware, more specifically in channel
error-correcting decoders, which are an essential part of cyber
systems that contain any digital communications systems or
any computational system that uses memory. Channel decoders
are important blocks in hardware trustworthiness analysis for
the following reasons:

1) advanced channel decoders are complex circuits with 
millions of gates, thousands of floating point processing 
modules communicating through tens of thousands of 
wire connections. Yet it is possible to convert a decoder 
to a malicious block by using a few gates, which 
probably cannot be discovered by processing the die’s 
image, 

2) channel decoders directly interface with the outside 
world, which makes them an ideal block for receiving 
commands to start the nefarious act that could easily 
cause hardware or software failure, 

3) channel decoders process noisy information, either
caused by communication channel imperfections or by
imperfections in storage media, and even a functional
decoder cannot succeed all the time. A malicious channel
decoder can easily claim false failures to block reception
or retrieval of stored information,

4) it is literally impossible to identify a malicious activity
by running a number of test cases on resource limited
simulation or emulation environments of a channel
decoder, as the number of input and output combinations
is huge. A code of 2048 bits block length is not
considered a long code [20] and yet the number of
different inputs is $2^{2048}$ in a hard-decision decoder and it
is $2^{10,240}$ if soft-decoding with 5-bit resolution is used.
It is thus impossible to verify all cases, and

5) by developing suitable design methodologies and
techniques to mitigate trustworthiness risks in channel
decoders, which pose unique challenges, it becomes
possible to mitigate trustworthiness risks in many other blocks
and circuits that have less verification and implementation
complexities, resulting in a design for assurance.

In this paper, different attack scenarios will be investigated
and possible remedies will be developed to mitigate the risks.
The problem will be tackled by exploiting stochastic
techniques to encrypt information internally within an integrated
circuit and manipulating data transmission in its communication
channels to avoid any unauthorized operation and isolate
suspicious blocks. We assume that the cyber-security threats
have not been found by screening the die or other techniques.
This work develops general techniques to mitigate
the trustworthiness risks instead of trying to eliminate
hard-to-find malicious blocks in a channel decoder with arbitrary
codes and block lengths.

II. Cyber-security in Integrated Circuits 

Tackling cyber-security issues in integrated circuits and
electronic systems is a relatively new problem and exhibits
new challenges. A malicious block can be added to
otherwise functional IP blocks by

1) a few people in a design team within a trustworthy
company acting without their supervisors' notice,

2) companies with ill intentions selling IPs, possibly
underpriced, to get into the supply chain of trustworthy
companies, and

3) an honest mistake of the design team leaving a
vulnerability or a back-door that can be later exploited by
hackers.

In addition to the design stage, a malicious block can be added
during fabrication in a foundry, or during the packaging, testing,
assembling, and installing processes. Again, a few people in
trustworthy companies can alter the original design without
their supervisors' notice. Thus, there is always some chance
that circuits and systems, even those developed by trustworthy
companies, would contain malicious blocks. This likelihood
will be higher when there is no control over or access to
companies that sell their products in a supply chain or make
commercial-off-the-shelf products.

The malicious block could have been designed 

1) to collect confidential information and pass it to
unauthorized people (i.e., for espionage),

2) to partially degrade the performance metrics (such as
bit-error-rate, dynamic range, signal-to-noise ratio, lifespan,
or energy-efficiency) in a competing product to win the
market,

3) to temporarily interrupt a service, make a system
unstable, or cause malfunction, and

4) to sabotage and permanently destroy the integrated
circuit or electronic system (i.e., hardware attacks during
cyber warfare).

These acts could be for political, economic, or military
advantages. The first three items are commonly seen in
cyber-attacks; however, software-based cyber-attacks cannot
directly destroy an integrated circuit or electronics hardware.
In contrast, a malicious embedded circuit block can destroy an
integrated circuit using many different techniques, for example by

1) intentionally causing a latch-up problem in
an integrated circuit by forward-biasing the substrate
junctions to burn the integrated circuit and electronics
system,

2) short-circuiting the supply voltage or clock signal to
damage the power or clock tree,

3) causing breakdown in the gate oxide of MOS transistors by
generating high voltages using hidden capacitive voltage
multipliers [22], and

4) increasing power consumption beyond the thermal
dissipation capabilities of the substrate to burn the integrated
circuit and the electronics system.

The malicious circuit can also generate noise to obstruct
communications or normal operations, or stop the related IP
to induce malfunctions in integrated circuits or electronics
systems. Malicious circuits can be most dangerous if they
are activated simultaneously in a wide area, for example if all
smartphones or computers stop working at a specific moment
based on receiving a direct command or a pattern embedded
in the input signals, or on reaching a preset time and date.
Furthermore, a malicious circuit can be activated based on
an internal clock or by exploiting parameters that show the aging
process in an integrated circuit, such as electromigration [22].

In order to protect integrated circuits, it is currently
suggested to

1) limit purchases to trustworthy companies,

2) process the die's image to discover any alteration or any
suspicious circuits,

3) investigate the input/output relationship to discover any
abnormality, and

4) add signatures, develop physical unclonable function
(PUF) modules, or use software-inspired Proof-Carrying
Code (PCC).

III. Deterministic Systems versus Stochastic Systems

The Achilles' heel of security in electronic and computer
systems is, arguably, their universal architecture and
deterministic behavior, which make them stationary targets. This
means that no individual identity is given to these systems and
studying or tampering with a single sample is enough to discover
how similar models are working. In fact, we are making
electronic and computer systems to be exactly identical. This
feature is mainly the result of mass production of these systems
and a desire to repair and possibly upgrade parts of the system
in the future. While this might seem a necessity for all similar
systems, it is not exactly true for biological systems. Human
beings do not think or observe exactly the same way, neither do
they respond identically to external stimuli, diseases, and
medications. Transplanting organs is not an easy task in human
beings and it is quite tricky to deceive the body's defense system
into not rejecting a life-saving transplanted organ. We have
always been envying machines that can last forever by replacing
their faulty parts. However, this feature can also create a
security vulnerability: malicious parts can be added to systems
for nefarious purposes.

A possible alternative to this paradigm is to promote
stochastic systems, changing stationary targets to moving
targets, where each system follows a different trajectory in
its normal operation and performs the required task differently,
to the extent that systems won't be exactly identical and even
detailed information about a sample system does not give
hackers the knowledge required to attack other similar
systems.

One approach to mitigate malicious blocks that are
activated by a command message is to wrap deterministic parts
in stochastic envelopes or shields, so that all communications
within a system are encrypted and hidden from external observers.
In other words, building blocks of the system will operate in
complete darkness and only process altered information using
an encryption system that will be unique to each sample of an
integrated circuit or system.

Figure 1 shows an example for a general case when multiple
modules are used in an electronic system. A seed is generated
using a random noise that is sampled and quantized using an
analog-to-digital converter (ADC) at the first boot-up. This
seed will be a unique identity of the system and is sent to
all modules within the system at the first boot-up and will
be stored permanently, to form an encryption system that is
device dependent. As an example, the random seed can be a
long random binary sequence $B$ with variable length, which is
XORed with the output of each module ($X_{out}$) to generate an
encrypted version of the output
($X_{out}^{encrypted} = B \oplus X_{out}$). The module that
receives the encrypted signal can only obtain $X_{out}$ if it has
$B$, since $X_{out} = B \oplus X_{out}^{encrypted}$. In this way,
replacing the genuine modules with malicious modules is not
possible, because it will fail the system (like a rejected
transplanted organ in the human body). Also, by tapping the wire
connections, only the encrypted signals can be obtained, which
will seem random (since they have been generated using random
noise). Furthermore, even by successfully hacking a system only
$B$ can be obtained, but it does not reveal any information
regarding other samples of the electronic system.

IV. Trustworthiness in Channel Decoders 

Channel coding is an indispensable part of any modern
digital communications system. It works by introducing some
redundancy to the transmitted information to make
communications reliable as shown in Figure 1. At the receiver
side, a decoder exploits the added redundancy to find and
possibly correct any mistake that may have happened due to
transmission channel imperfections [23] and [24].

Fig. 1. Generating a random seed in the first boot-up to
initialize encryption in modules of an electronic system. Any
attempt for replacing genuine modules with malicious
modules or tapping the communications among modules will be
difficult and sample dependent.

Fig. 2. A simple model for digital communications systems.

Let's assume a binary linear block code is used: an
encoder, which is located in the transmitter, maps a message
vector $m$ to a codeword vector $c$ using a generator matrix $G$,
the channel noise ($n$) is additive, and the decoder receives a
vector $r$, which is equal to $c + n$.

In the following sections, it is assumed that the attackers 
can broadcast signals that are received by a channel decoder 
embedded with a malicious block. 

A. Case-I: The Malicious Circuit is Activated by a Sequence
of Codewords

Let's assume the malicious circuit inside a channel decoder
is activated, to say cause a latch-up problem to burn the IC, if
five codewords $c_1$, $c_2$, $c_3$, $c_4$, and $c_5$ (or their
corresponding messages, i.e., $m_1$, $m_2$, $m_3$, $m_4$, and
$m_5$) are detected in a specific sequence. Obviously, it is not
feasible to generate all possible scenarios like this to discover
the malicious circuit.

Based on the following Lemma, a stochastic envelope can 
be developed to surround the channel decoder. 

Lemma: If $\mathcal{D}$ is a maximum likelihood decoder or any
suboptimal decoder that equally treats codewords and
$\mathcal{D}(r) = \hat{m}$ ($\hat{m} = m$ if decoding is
successful with no undetectable error) then
$\mathcal{D}(r + c_x) = \hat{m} + m_x$, where $m_x$ is a random
message and $c_x$ is its corresponding codeword. In
hard-decision decoding, $r + c_x = c \oplus e \oplus c_x$, where
$e$ is the error vector. In soft-decision decoding, the polarity
of the log-likelihood ratio (LLR) representation [24]
corresponding to each bit in $r' = r + c_x$ will be equal to the
binary addition of $c_x$ with the hard-decision corresponding to
each bit in $r$. Obviously, the magnitude of the LLR
representation will not be changed. This Lemma can be proved
based on the fact that for any linear block code, the addition of
every two codewords is also a codeword.

Fig. 3. A suspicious decoder wrapped in a stochastic envelope
cannot receive any command based on codewords. $m_x$ is a
random message and $c_x$ is its corresponding codeword.

Therefore, the received information ($r$) can be mapped
randomly to another vector ($r' = r + c_x$) before it is applied
to the decoder. The output of the decoder will be
$\hat{m} + m_x$, which is added again with $m_x$ to give the
expected output of the decoding ($\hat{m}$), and the decoder
cannot discover what the codeword was (see Figure 3). Meanwhile,
$m_x$ is a randomly selected message that can be changed each
time based on a different seed in different samples, making it
difficult to tamper with a sample device in order to attack other
devices using the malicious decoder. The probability of observing
the sequence of $c_1$, $c_2$, $c_3$, $c_4$, and $c_5$ for a
device using the proposed stochastic system will not be exactly
zero. However, the extremely unlikely event of activating the
malicious block by chance (based on random $c_x$'s) will not
happen when the attackers want, which makes the orchestrated
attack practically ineffective.

It is also important to note that the malicious circuit, in this
example, can be very small (in the order of a few hundred
gates), which can be easily hidden in advanced multi-million
gate decoders [25]-[32].
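
The envelope of Figure 3 can be exercised on a small code. The following Python sketch is an added example, not code from the paper: it assumes a Hamming(7,4) code as the linear block code, and the names SuspectDecoder, StochasticEnvelope and the `seen` list (a model of what a block hidden in the decoder could observe) are hypothetical. It checks the Lemma exhaustively and also confirms that the shift leaves the syndrome, and hence the error vector, unchanged.

```python
import itertools
import secrets

# Assumed stand-in for the paper's linear block code: systematic Hamming(7,4).
G = [(1, 0, 0, 0, 1, 1, 0),
     (0, 1, 0, 0, 1, 0, 1),
     (0, 0, 1, 0, 0, 1, 1),
     (0, 0, 0, 1, 1, 1, 1)]
H = [(1, 1, 0, 1, 1, 0, 0),
     (1, 0, 1, 1, 0, 1, 0),
     (0, 1, 1, 1, 0, 0, 1)]
H_COLUMNS = list(zip(*H))  # column j = syndrome of a single error at bit j

def xor(a, b):
    return tuple(x ^ y for x, y in zip(a, b))

def encode(m):
    """c = m G over GF(2)."""
    return tuple(sum(m[i] & G[i][j] for i in range(4)) % 2 for j in range(7))

def syndrome(r):
    """H r^T over GF(2); it depends only on the error vector e, not on c."""
    return tuple(sum(h[j] & r[j] for j in range(7)) % 2 for h in H)

class SuspectDecoder:
    """Black-box hard-decision decoder (hypothetical). `seen` records every
    codeword it decides on, i.e. what a block hidden inside could match."""

    def __init__(self):
        self.seen = []

    def decode(self, r):
        c, s = list(r), syndrome(r)
        if any(s):
            c[H_COLUMNS.index(s)] ^= 1  # correct the single-bit error
        self.seen.append(tuple(c))
        return tuple(c[:4])  # systematic code: message = first 4 bits

class StochasticEnvelope:
    """Shifts r by a random codeword c_x before decoding, removes m_x after."""

    def __init__(self, decoder, draw_message=None):
        self.decoder = decoder
        # Fresh random m_x per block unless a source is injected for testing.
        self.draw_message = draw_message or (
            lambda: tuple(secrets.randbits(1) for _ in range(4)))

    def decode(self, r):
        m_x = self.draw_message()
        shifted = xor(r, encode(m_x))                  # r' = r + c_x
        return xor(self.decoder.decode(shifted), m_x)  # (m_hat + m_x) + m_x

def lemma_holds_everywhere():
    """Check D(r + c_x) + m_x == D(r) for all 128 inputs r and all 16 m_x."""
    for r in itertools.product((0, 1), repeat=7):
        expected = SuspectDecoder().decode(r)
        for m_x in itertools.product((0, 1), repeat=4):
            env = StochasticEnvelope(SuspectDecoder(), lambda m_x=m_x: m_x)
            if env.decode(r) != expected:
                return False
    return True

def error_vector_survives_shift(r, m_x):
    """Adding a codeword leaves the syndrome, and therefore e, unchanged."""
    return syndrome(r) == syndrome(xor(r, encode(m_x)))

if __name__ == "__main__":
    inner = SuspectDecoder()
    env = StochasticEnvelope(inner)
    # Constructed input: message 1011 with one bit error at position 2.
    r = xor(encode((1, 0, 1, 1)), (0, 0, 1, 0, 0, 0, 0))
    print("envelope output:", env.decode(r), "| decoder saw:", inner.seen[-1])
    print("lemma holds for every r and m_x:", lemma_holds_everywhere())
```

With a fixed $m_x$ the inner decoder decides on the codeword of $m + m_x$ rather than that of $m$, while the envelope still returns $m$.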

B. Case-II: The Malicious Circuit is Activated by a Sequence
of Error

A more challenging case is when the attack command is
embedded on a superficial error vector ($e_{sup}$) that renders
shifting codewords useless. By superficial error, we mean the
attackers transmit a vector which is not a codeword, i.e.,
$c \oplus e_{sup}$ instead of $c$, and overpower the natural
channel noise in a way that the malicious block can extract
$e_{sup}$ or some message embedded in it from the received
information. It is interesting to note that by shifting the
codeword (Case-I), the error vector will not change. This is
obvious by noting that shifting codewords changes $c \oplus e$ to
$c \oplus c_x \oplus e$, which does not have any impact on the
error vector.

Deterministic techniques arguably fail to mitigate this
attack. However, stochastic techniques such as the stochastic
Chase [29] and dithered belief propagation [30] decoding
algorithms, which intentionally add random noise to the received
vector before decoding (to possibly improve the decoding
performance) and rely on several decoding trials, can be used for
changing the noise vector and disabling this attack. However,
there is no guarantee that the impact of $e_{sup}$ can be
completely removed without adding too much noise and degrading
the communications system.


C. Case-III: The Malicious Circuit is Activated by a Sequence
of Failure and Success in Decoding

In this case, instead of a sequence of codewords or a noise
pattern, a sequence of failure and success in decoding triggers
the malicious circuit. For example, if a failed decoding (when
no $\hat{m}$ is output) is represented by $f$, and a successful
decoding (when $\hat{m}$ is output even if it is not equal to
$m$) is represented by $s$, then an example sequence could be

fsfsffssfffsssffffssssfsfsffssfffsssffffssssfsfsffssfffsssffffssssfsfsffssfffsssffffssss

The sequence should be long enough to make the likelihood
of naturally observing the sequence near zero. As an example,
let's assume the chance of failure in decoding is $10^{-5}$; then
the probability of observing the above sequence is almost
$10^{-220}$.

In this case the malicious circuit will be extremely simple
and only consists of an 88-bit shift register and a small number
of simple gates, which makes it even easier to hide in a
large decoder circuit. Obviously, the techniques mentioned in
previous examples do not help in this case, because they do
not change the failure-success sequence.

To mitigate this malicious block, it is possible to

1) erase any memory inside the decoder by powering it
off or by other means after each decoding operation.
The idle time should be long enough to discharge any
capacitive memory that might have been used,

2) randomly reorder the received vectors using a stack at
the input to prevent the decoder from knowing the real
sequence, and

3) use redundant decoders and distribute the received
blocks randomly among the decoders, preventing the
decoders from knowing anything about the real sequence or
its statistics.

In Figure 4, redundant decoders are utilized to change the 
failure/success statistics and facilitate powering off the other 
decoders. 

If internal memories cannot be erased or information is
stored on capacitors hidden in the circuit, which retain the
information during short power-off intervals (a few μs in
low-latency communications systems), then randomizing the
sequence of received vectors won't be completely effective.
Unfortunately, utilizing many redundant decoders is not a
viable approach because channel decoders are big circuits.

If the number of redundant decoders is small, attackers
can utilize communication techniques to convey the attack
command to the malicious channel decoder. For example, they
can use a repetition coding scheme [24], i.e., each failure or
success is sent multiple times, for example 10 times. It means
$f$ is replaced by ffffffffff and $s$ is replaced by ssssssssss. If
the received vectors are sent randomly to one of the two available
channel decoders in Figure 4, and the malicious decoders are
smart enough to track timing, the sequence will consist of a
number of $f$ and a number of $I$ (standing for idle), for
example IfIfIIffII, which can be easily recognized as an $f$
unless idle time intervals are replaced by completely random
decoding.

Nevertheless, if the number of random decodings is not large
enough, attackers can still send their message to the malicious
channel decoder by treating this randomizing process similar
to a noisy communication channel and utilizing the decoding
capability of the malicious decoder to recover the original
sequence. After all, a channel decoder is used to recover a
message transmitted through a noisy channel.

Fig. 4. Using redundant decoders to prevent exploiting the
sequence of success/failure or other statistical information.

V. Conclusion 

In this paper, different scenarios were discussed for
mitigating trustworthiness risks in channel decoders. It was
demonstrated that by completely isolating a block in a circuit
from the outside world, by wrapping it in a stochastic envelope
in a way that no direct data or statistical information is passed
to the block, many attacks can be mitigated. We used additional
redundancy to randomize statistics and developed techniques
for randomly shifting codewords. Stochastic techniques can
also be utilized to further randomize inputs of a malicious
decoder to hide data from the processing modules.

It was also highlighted that a malicious embedded block can 
destroy an integrated circuit and harm a cyber-hardware in a 
second, which makes it different and more dangerous than 
common software cyber-attacks. Furthermore, it was shown 
that a malicious block can be very small and can remain hidden 
in a large circuit. 

These observations and other preliminary results represent
just the tip of an iceberg that cyber infrastructure hardware
would face, and require further investigations and
developments to quantify and mitigate their harmful effects.
Developing viable solutions and approaches for safeguarding
integrated circuits and electronic systems utilizing channel
decoders necessitates these comprehensive investigations too.